PVE::HA::NodeStatus->get_node_state($node) and its proxies are accessed
by many call sites with untrusted input data, e.g., migrate/relocate crm
commands, node maintenance commands, etc.

For example, if node 'node19' does not exist, and a user issues the
migrate command, 'node19' will be written to the node state and will
stay there until it is removed as a gone node (after ~60 min):

    $ ha-manager migrate vm:100 node19
    $ ha-manager status
    unable to read file '/etc/pve/nodes/node19/lrm_status'
    quorum OK
    [...]
    lrm node19 (unable to read lrm status)
    [...]

As the transitions between unknown/gone and other node states are already
handled by PVE::HA::NodeStatus->update(...), remove this side effect
from get_node_state(...).

Signed-off-by: Daniel Kral <[email protected]>
---
 src/PVE/HA/NodeStatus.pm | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/PVE/HA/NodeStatus.pm b/src/PVE/HA/NodeStatus.pm
index e5dddf3b..381be7d0 100644
--- a/src/PVE/HA/NodeStatus.pm
+++ b/src/PVE/HA/NodeStatus.pm
@@ -33,10 +33,7 @@ my $valid_node_states = {
 sub get_node_state {
     my ($self, $node) = @_;
 
-    $self->{status}->{$node} = 'unknown'
-        if !$self->{status}->{$node};
-
-    return $self->{status}->{$node};
+    return $self->{status}->{$node} // 'unknown';
 }
 
 sub node_is_operational {
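
Review bot: In get_node_state(), the new `// 'unknown'` fallback only triggers when the stored value is undef, while the removed `if !$self->{status}->{$node}` check also treated an empty string or '0' as missing, so the two are not strictly equivalent. If the status hash can only ever hold values from $valid_node_states this is harmless, but it is worth stating that in the commit message, or using `|| 'unknown'` to keep the old truthiness semantics. Since the getter no longer creates the entry, a short comment above the sub saying that it is read-only and that entries are created only by update(...) would help keep the side effect from being reintroduced. A regression test that calls get_node_state() with a nonexistent node name such as the 'node19' case from the commit message and asserts that no key is added to $self->{status} would also be useful.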
-- 
2.47.3


